-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Title: Juniper NetScreen Advisory 59147
Date: 29 June 2004
Version: 1

Impact:
    Possible HTTP cross-site script execution.

Affected Products:
    Juniper Networks NetScreen 5GT Firewalls with AV 5.0.0r1 - 5.0.0r7

Unaffected Products:
    Juniper Networks NetScreen 5GT Firewalls without AV (all versions)
    All other Juniper Networks NetScreen Firewalls (all versions)

Max Risk: Medium

Summary:
    The Juniper Networks NetScreen 5GT Firewall has an HTTP cross-site
    scripting vulnerability in the antivirus scan engine.

Details:
    The antivirus scan engine in the Juniper Networks NetScreen 5GT
    Firewall is susceptible to an HTTP cross-site scripting vulnerability.
    When a user downloads Internet content using a Web browser, the
    antivirus scan engine scans the contents for viruses. If the file is a
    zip archive, the scan engine examines the member files within the
    archive. When a virus is detected, the user is presented with a virus
    notification dialog containing the name of the infected archive
    member. If an attacker manually crafts a zip archive containing a
    virus-infected file with a specially formatted filename, the
    notification dialog could present a cross-site scripting
    vulnerability.

Recommended Actions:
    Upgrade to ScreenOS 5.0.0r8, which fixes this issue. Customers unable
    to upgrade to 5.0.0r8 at this time can disable HTTP protocol scanning
    in the Scan Manager.

Patch Availability:
    NetScreen currently has ScreenOS version 5.0.0r8 available for Juniper
    Networks NetScreen Firewalls.

How to get ScreenOS:
    Customers with a valid product warranty or a support contract may
    download the software from the Juniper NetScreen CSO web portal:

        http://www.juniper.net/support/

    For all other customers, including those with expired support
    contracts, please call your regional Juniper NetScreen TAC center at
    one of the numbers listed in:

        http://www.juniper.net/support/nscn_support/tao/contact.html

    Select option 2 from the telephone menu and be sure to select the
    correct product from the phone tree. Once connected with an engineer,
    state that you are calling in regard to a Security Advisory and
    provide the title of this notice as evidence of your entitlement to
    the specified release.

    As with any new software installation, Juniper customers planning to
    upgrade to any version of ScreenOS should carefully read the release
    notes and other relevant documentation before beginning any upgrade.

    If you wish to verify the validity of this Security Advisory, the
    public PGP key can be accessed at:

        http://www.juniper.net/support/nscn_support/security/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: NetScreen Security Response Team

iD8DBQFA4bjFW2Bw6QjqXRcRAqbQAKCDtHWrlbTZb+woQ0sVt2TedHbDEgCfccor
jyMyJLsvlRZMnS9aM7jxdLc=
=ifnI
-----END PGP SIGNATURE-----
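
Added example, not part of the signed advisory and not Juniper's code: the class of flaw described under Details, shown as a notification page that embeds an archive member name verbatim beside a hardened version that treats the name as data. The sample member name, the detection marker, the length limit and all function names are assumptions constructed for this illustration.

```python
import html
import io
import zipfile

# Constructed sample values for this example (not taken from the advisory).
SAMPLE_MEMBER = "<b>update</b>.com"      # member name carrying HTML markup
MARKER = b"SIMULATED-DETECTION"          # stand-in for a real virus signature
MAX_LABEL = 128                          # assumed display limit for a member name


def build_sample_archive():
    """Build an in-memory zip with one flagged and one clean member."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(SAMPLE_MEMBER, b"header " + MARKER)
        zf.writestr("readme.txt", b"clean content")
    return buf.getvalue()


def flagged_members(archive):
    """Return the names of members whose content contains the stand-in marker."""
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        return [i.filename for i in zf.infolist() if MARKER in zf.read(i)]


def notification_unsafe(member):
    """Flawed pattern: the attacker-chosen name is pasted into HTML as-is."""
    return "<p>Virus detected in archive member: " + member + "</p>"


def notification_safe(member):
    """Hardened pattern: treat the name as data, never as markup."""
    # Replace non-printable characters, cap the length, then HTML-escape.
    label = "".join(c if c.isprintable() else "?" for c in member)[:MAX_LABEL]
    return "<p>Virus detected in archive member: " + html.escape(label, quote=True) + "</p>"


if __name__ == "__main__":
    for name in flagged_members(build_sample_archive()):
        print(notification_unsafe(name))
        print(notification_safe(name))
```

The same rule applies to any field a scanner copies out of untrusted content into an HTML page, such as archive member names, MIME filenames or URLs: escape at the point of output.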